Upload File

ch04

29
Ethics in Information Technology Ethics in Information Technology Chapter 4 Privacy Ethics in Information Technology

Upload: mohamed-metwalli

Post on 26-Jul-2016

214 views

Category:

Documents


1 download

Report

DESCRIPTION

 

TRANSCRIPT

Page 1: Ch04

Ethics in Information TechnologyEthics in Information Technology

Chapter 4Privacy

Ethics in Information Technology

Page 2: Ch04

2

Privacy Protection and the Law Bill of Rights: Ten amendments that were

ratified to protect the privacy of individuals Fourth Amendment: States that the right of

the people to be secure in their persons, houses, papers, and effects must not be violated Unless a warrant has been issued upon probable

cause Right of privacy: Right to be left alone, the

most comprehensive of rights, and most valued by free people

Page 3: Ch04

3

Information Privacy Combination of communications privacy

and data privacy Communications privacy - Ability to communicate

with others without those communications being monitored by other persons or organizations

Data privacy - Ability to limit access to one’s personal data in order to exercise control over that data and its use

Page 4: Ch04

4

Privacy Laws, Applications, and Court Rulings: Financial Data Fair Credit Reporting Act: Regulates the

operations of credit-reporting bureaus Right to Financial Privacy Act: Protects

the records of financial institution customers from unauthorized scrutiny by the federal government Does not cover disclosures to private businesses

or state and local governments

Page 5: Ch04

5

Privacy Laws, Applications, and Court Rulings: Financial Data Gramm-Leach-Bliley Act (GLBA): Bank

deregulation law that repealed the Glass-Steagall law Financial privacy rule

Opt out: Customers’ refusal to give the institution the right to share personal data with third parties

Opt in: Customers give financial institutions the right to share their personal data to other financial institutions

Page 6: Ch04

6

Privacy Laws, Applications, and Court Rulings: Financial Data Safeguards rule - Requires financial institutions

to document a data security plan for clients’ personal data protection

Pretexting rule - Addresses attempts by people to access personal information without proper authority

Fair and Accurate Credit Transactions Act: Allows consumers to request and obtain a free credit report once each year from each of the three primary consumer credit reporting companies

Page 7: Ch04

7

Privacy Laws, Applications, and Court Rulings: Health Information Health Insurance Portability and Accountability Act (HIPAA) Improves the portability and continuity of health

insurance coverage Reduces fraud, waste, and abuse Simplifies the administration of health insurance

American Recovery and Reinvestment Act: Contains provisions for electronic health records Bans the sale of health information, promotes the use

of audit trails and encryption, and provides rights of access for patients

Page 8: Ch04

8

Privacy Laws, Applications, and Court Rulings: Children’s Personal Data Family Educational Rights and Privacy Act (FERPA): Assigns certain rights to parents regarding their children’s educational records

Children’s Online Privacy Protection Act (COPPA): Aims to give parents control over the collection, use, and disclosure of their children’s personal information over the Internet Does not cover the dissemination of information

to children

Page 9: Ch04

9

Privacy Laws, Applications, and Court Rulings: Electronic Surveillance Communications Act: Established the

Federal Communications Commission to regulate all: Non-federal-government use of radio and

television broadcasting Interstate telecommunications and

international communications that originate or terminate in the U.S.

Page 10: Ch04

10

Privacy Laws, Applications, and Court Rulings: Electronic Surveillance Foreign Intelligence Surveillance Act

(FISA): Describes procedures for the electronic surveillance and collection of foreign intelligence information

Title III of the Omnibus Crime Control and Safe Streets Act: Regulates the interception of wire and oral communications Allows law enforcement officials to use wiretapping Known as the Wiretap Act

Page 11: Ch04

11

Privacy Laws, Applications, and Court Rulings: Electronic Surveillance Electronic Communications Privacy Act (ECPA) Protection of communications while in transfer

from sender to receiver Protection of communications held in electronic

storage Prohibition of devices from recording dialing,

routing, addressing, and signaling information without a search warrant

Page 12: Ch04

12

Privacy Laws, Applications, and Court Rulings: Electronic Surveillance National Security Letter (NSL): Compels holders of personal records to turn them over to the government

Pen register: Records electronic impulses to identify the numbers dialed for outgoing calls

Trap and trace: Records the originating number of incoming calls for a particular phone number

Page 13: Ch04

13

Privacy Laws, Applications, and Court Rulings: Electronic Surveillance Communications Assistance for Law Enforcement Act (CALEA): Required the telecommunications industry to build tools into its products For use by federal investigators, after obtaining a

court order, to intercept communications

Page 14: Ch04

14

Privacy Laws, Applications, and Court Rulings: Electronic Surveillance USA PATRIOT Act (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism): Increased the ability of law enforcement agencies to search personal records NSL gag provision: Prohibits NSL recipients

from informing anyone that the government has secretly requested an individual’s records

Page 15: Ch04

15

Privacy Laws, Applications, and Court Rulings: Electronic Surveillance Foreign Intelligence Surveillance Act (FISA) Amendments Act: Granted NSA expanded authority to collect international communications as they flow through U.S. telecom network equipment and facilities

Fair information practices: Set of guidelines that govern the collection and use of personal data Transborder data flow: Flow of personal data

across national boundaries

Page 16: Ch04

16

Privacy Laws, Applications, and Court Rulings: Fair Information Practices Organisation for Economic Co-operation and Development (OECD) - International organization that aims to set policies and agreements on topics for which multilateral consensus is required

European Union Data Protection Directive Ensures that data transferred to non-European

Union countries is protected European Data Protection Regulation: Enforces a

single set of rules for data protection across the EU, eliminating the need for costly administrative processes

Page 17: Ch04

17

Privacy Laws, Applications, and Court Rulings: Access to Government Records Freedom of Information Act (FOIA):

Grants citizens the right to access certain information and records of federal, state, and local governments upon request Request must:

Not require wide-ranging, unreasonable, or burdensome searches for records

Be made according to procedural regulations published in the Federal Register

Page 18: Ch04

18

Privacy Laws, Applications, and Court Rulings: Access to Government Records Privacy Act: Sets rules for the collection,

maintenance, use, and dissemination of personal data kept in systems of records by federal agencies Prohibits U.S. government agencies from

concealing the existence of any personal data record-keeping system

Page 19: Ch04

19

Key Privacy and Anonymity IssuesData

breachesElectronic discovery

Consumer profiling

Workplace monitoring

Advanced surveillance technology

Ethics in Information Technology, Fourth Edition

Page 20: Ch04

20

Data Breaches Caused by:

Hackers breaking into a database Failure to follow proper security procedures

Health Information Technology for Economic and Clinical Health Act Mandates that within 60 days after discovery of a

data breach, each individual whose health information has been exposed must be notified

Page 21: Ch04

21

Electronic Discovery (e-discovery) Collection, preparation, review, and production

of electronically stored information for use in criminal and civil actions and proceedings

Electronically stored information (ESI): Any form of digital information stored on any form of electronic storage device

E-discovery software helps: Analyze large volumes of ESI quickly Simplify and streamline data collection Identify all participants in an investigation to

determine who knew what and when

Page 22: Ch04

22

Consumer Profiling Information about Web surfers can be

obtained through the use of: Cookies Tracking software

Criticism - Personal data may be gathered and sold to other companies without the permission of consumers who provide the data

Page 23: Ch04

23

Workplace Monitoring The Fourth Amendment does not limit how

a private employer treats its employees State privacy statutes tend to favor

employers over employees Privacy advocates stress on the need for

federal legislation to keep employers from infringing upon the privacy rights of employees

Page 24: Ch04

24

Camera Surveillance Goal - Deter crime and terrorist activities Criticism - May provide leeway for abuse

and blackmail Domain Awareness system

Joint effort of the New York Police Department and Microsoft

Goal is to combat terrorist activities and reduce the time required to respond to an incident

Page 25: Ch04

25

Vehicle Event Data Recorder (EDR) Records vehicle and occupant data for a few

seconds before, during, and after any vehicle crash severe enough to deploy the vehicle’s air bags

Purposes To capture and record data to make changes to

improve vehicle performance in the event of a crash

For use in a court of law to determine what happened during a vehicle accident

Page 26: Ch04

26

Stalking App Cell phone spy software that can be loaded

onto a cell phone or smartphone Performs location tracking, records calls,

views text messages sent or received, and records the URLs of any Web site visited on the phone

Illegal to install the software on a phone without the permission of the phone owner

Page 27: Ch04

27

Summary Laws, technical solutions, and privacy

policies are required to balance needs of business against rights of consumers

A number of laws have been enacted that affect a person’s privacy particularly in the areas of financial and health records, protection following a security breach, children’s personal data, electronic surveillance, export of personal data, and access to government records

Page 28: Ch04

28

Summary Identity theft is fastest-growing form of fraud E-discovery can be expensive, can reveal data

of a private or personal data, and raises many ethical issues

Web sites collect personal data about visitors Consumer data privacy has become a major

marketing issue Code of Fair Information Practices and 1980

OECD privacy guidelines provide an approach to treating consumer data responsibly

Page 29: Ch04

29

Summary Employers monitor employees to maintain

employee productivity and limit exposure to harassment lawsuits

Advances in information technology provide new data-gathering capabilities but also diminish individual privacy Surveillance cameras GPS systems


Stevenson9e Ch04

Chase Ch04

Gj11e ch04

Mosley7e ch04

1sbc100122c0202 ch04

ch04 - ABC

IS465- ch04

Excel ch04

Ch04 Appen

Access2013 ch04

Ch04 Solutions

CH04. Problems

ch04 accounting

Greenberg CH04

Ch04 mccalister

Ch04 instructor

11848 ch04

01 Cubierta CH04 01 Cubierta CH04 - clinicahidalgo.es

whit38220 ch04

Ch04 Antennas

MGT420 Ch04

Bohlander15e ch04

Hubbard Ch04

Horngrenima14e ch04

Ch04 Access

Ch04 lecpptchem1012011f

Dreamweaver Ch04

Ch04 Notes

Robertson ch04

Ch04 leadership

Ch04 slides

Kendall7e ch04

Ch04 Lecture

Ch04 Ingredients

Corporate Ch04